.\" SPDX-License-Identifier: CC-BY-SA-4.0 or-later
.\" SPDX-FileCopyrightText: 2025 grommunio GmbH
.TH delivery-queue 8gx "" "Gromox" "Gromox admin reference"
.SH Name
delivery\-queue \(em LMTP/SMTP frontend for local delivery
.SH Synopsis
\fBdelivery\-queue\fP [\fB\-c\fP \fIconfig\fP]
.SH Description
delivery\-queue is an additional mail queue in front of delivery(8gx).
It may be removed in a future version.
.SH Options
.TP
\fB\-c\fP \fIconfig\fP
Read configuration directives from the given file. If this option is not
specified, /etc/gromox/smtp.cfg will be read if it exists.
.TP
\fB\-?\fP
Display option summary.
.PP
All time-based command-line options and configuration file directives are
subject to the syntax described in gromox(7), section "Duration
specifications".
.SH Configuration directives (gromox.cfg)
The following directives are recognized when reading from
/etc/gromox/gromox.cfg, or when the \fB\-c\fP option is used to specify a
custom file:
.TP
\fBdaemons_fd_limit\fP
In gromox-delivery-queue, this is treated as an alias for lda_fd_limit.
.TP
\fBlda_fd_limit\fP
Request that the file descriptor table be at least this large. The magic value
0 indicates that the system default hard limit (rlim_max, cf. setrlimit(2))
should be used.
.br
Default: \fI0\fP
.TP
\fBlda_recipient_delimiter\fP
The set of characters that separate an email address into localpart and
extension. This mirrors the "recipient_delimiter" directive from postconf(5).
.br
Default: (empty)
.TP
\fBlda_support_haproxy\fP
This directive sets the expectation for incoming connections to carry haproxy's
"PROXY" protocol extension version 2 (2), or no such header (0). When a
(reverse) proxy is placed in front of gromox\-delivery\-queue, the address that
gxdq normally sees is the proxy address (e.g. ::1). A proxy can use this
protocol extension to convey the actual client address, and gximap can pick
this up for its own reporting, which in turn is useful for e.g. fail2ban
setups.
.br
Default: \fI0\fP
.SH Configuration directives (smtp.cfg)
The following directives are recognized when reading from /etc/gromox/smtp.cfg,
or when the \fB\-c\fP option is used to specify a custom file:
.TP
\fBcommand_protocol\fP
Selects what kind of hello command is accepted of clients. Can be \fIlmtp\fP,
\fIsmtp\fP or \fIboth\fP.
.br
Default: \fIboth\fP
.TP
\fBconfig_file_path\fP
Colon-separated list of directories which will be scanned when locating further
configuration files, especially those used by subcomponent instances. (For
example, mysql_adaptor(4gx) would be directed to look at
/etc/gromox/smtp/mysql_adaptor.cfg before /etc/gromox/mysql_adaptor.cfg.)
.br
Default: \fI/etc/gromox/smtp:/etc/gromox\fP
.TP
\fBcontext_average_mem\fP
Default: \fI256K\fP
.TP
\fBcontext_max_mem\fP
Default: \fI2M\fP
.TP
\fBcontext_num\fP
Default: \fI200\fP
.TP
\fBdata_file_path\fP
Colon-separated list of directories which will be scanned when locating data
files.
.br
Default: \fI/usr/share/gromox/smtp\fP
.TP
\fBhost_id\fP
A unique identifier for this system. It is used for greeting lines emitted
by delivery-queue on the network.
.br
Default: (system hostname)
.TP
\fBlda_listen_addr\fP
AF_INET6 socket address to bind the LDA service to.
.br
Default: \fI::\fP
.TP
\fBlda_listen_port\fP
The TCP port to export the SMTP protocol service on.
.br
Default: \fI25\fP
.TP
\fBlda_listen_tls_port\fP
The TCP port to expose the implicit-TLS SMTP protocol service on.
.br
Default: (unset)
.TP
\fBlda_log_file\fP
Target for log messages here. Special values: "\fI-\fP" (stderr/syslog
depending on parent PID) or "\fIsyslog\fP" are recognized.
.br
Default: \fI-\fP (auto)
.TP
\fBlda_log_level\fP
Maximum verbosity of logging. 1=crit, 2=error, 3=warn, 4=notice, 5=info, 6=debug.
.br
Default: \fI4\fP (notice)
.TP
\fBlda_thread_charge_num\fP
The maximum number of connections that each thread is allowed to process.
.br
Default: \fI40\fP
.TP
\fBlda_thread_init_num\fP
The minimum number of client processing threads to keep around.
.br
Default: \fI1\fP
.TP
\fBmail_max_length\fP
Maximum permitted length of a message.
.br
Default: \fI64M\fP
.TP
\fBrunning_identity\fP
An unprivileged user account to switch the process to after startup.
To inhibit the switch, assign the empty value.
.br
Default: \fIgromox\fP
.TP
\fBsmtp_certificate_passwd\fP
The password to unlock TLS certificates.
.br
Default: (unset)
.TP
\fBsmtp_certificate_path\fP
A colon-separated list of TLS certificate files. The complete certificate chain
should be present (as there is no other config directive to pull CA certs in,
and implicit loading from system directories is not guaranteed by Gromox).
.br
Default: (unset)
.TP
\fBsmtp_conn_timeout\fP
If an SMTP connection is inactive for the given period, the connection is
terminated.
.br
Default: \fI3 minutes\fP
.TP
\fBsmtp_force_starttls\fP
This flag controls whether clients must utilize TLS, either by way of implicit
TLS (cf. \fBlda_listen_tls_port\fP), or through the STARTTLS command.
.br
Default: \fIfalse\fP
.TP
\fBsmtp_private_key_path\fP
A colon-separated list of TLS certificate private key files.
.br
Default: (unset)
.TP
\fBsmtp_support_pipeline\fP
This flag controls the offering of the PIPELINING extension (RFC 2920) to
clients.
.br
Default: \fItrue\fP
.TP
\fBsmtp_support_starttls\fP
This flag controls the offering of the STARTTLS extension (RFC 3027) to
clients.
.br
Default: \fIfalse\fP
.TP
\fBtls_min_proto\fP
The lowest TLS version to offer. Possible values are: \fBtls1.0\fP,
\fBtls1.1\fP, \fBtls1.2\fP, and, if supported by the system, \fBtls1.3\fP.
.br
Default: \fItls1.2\fP
.SH Files
.IP \(bu 4
\fIdata_file_path\fP/smtp_code.txt: Mapping from internal SMTP error codes to
textual descriptions.
.SH See also
\fBgromox\fP(7), \fBdelivery\fP(8gx), \fBmidb_agent\fP(4gx)
